-
Notifications
You must be signed in to change notification settings - Fork 32
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update dependencies to support svelte@4 #112
Conversation
Updated and removed dependencies detected. Learn more about Socket for GitHub ↗︎
🚮 Removed packages: @storybook/[email protected], @storybook/[email protected], @storybook/[email protected], @storybook/[email protected], @storybook/[email protected], [email protected] |
🚨 Potential security issues detected. Learn more about Socket for GitHub ↗︎ To accept the risk, merge this PR and you will not be notified again.
Next stepsWhat is bin script confusion?This package has multiple bin scripts with the same name. This can cause non-deterministic behavior when installing or could be a sign of a supply chain attack Consider removing one of the conflicting packages. Packages should only export bin scripts with their name Take a deeper look at the dependencyTake a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev. Remove the packageIf you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency. Mark a package as acceptable riskTo ignore an alert, reply with a comment starting with
|
I do not know if the peer dependency version of storybook should also be |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is great, thank you for this! 💪
🚀 PR was released in |
Thanks for the great job and for the time invested in this @RSWilli ! 👏🏽 Is it possible this should be using Also, when running my project with stacktrace
This is my list of dependencies
"devDependencies": {
"@fontsource-variable/inter": "^5.0.3",
"@playwright/test": "1.36.1",
"@storybook/addon-essentials": "^7.1.0",
"@storybook/addon-interactions": "^7.1.0",
"@storybook/addon-links": "^7.1.0",
"@storybook/addon-styling": "^1.3.4",
"@storybook/addon-svelte-csf": "^3.0.4",
"@storybook/blocks": "^7.1.0",
"@storybook/jest": "^0.1.0",
"@storybook/svelte": "^7.1.0",
"@storybook/sveltekit": "^7.1.0",
"@storybook/test-runner": "^0.11.0",
"@storybook/testing-library": "^0.2.0",
"@sveltejs/adapter-cloudflare": "^2.3.1",
"@sveltejs/kit": "1.22.3",
"@tailwindcss/forms": "^0.5.3",
"@tailwindcss/typography": "^0.5.9",
"@types/testing-library__jest-dom": "^5.14.8",
"@typescript-eslint/eslint-plugin": "5.62.0",
"@typescript-eslint/parser": "5.62.0",
"autoprefixer": "10.4.14",
"chromatic": "^6.19.8",
"concurrently": "^8.2.0",
"eslint": "8.45.0",
"eslint-config-prettier": "8.8.0",
"eslint-plugin-playwright": "^0.15.1",
"eslint-plugin-promise": "^6.1.1",
"eslint-plugin-storybook": "^0.6.12",
"eslint-plugin-svelte": "2.32.2",
"postcss": "8.4.26",
"postcss-import": "^15.1.0",
"postcss-load-config": "4.0.1",
"prettier": "2.8.8",
"prettier-plugin-jsdoc": "^0.4.2",
"prettier-plugin-svelte": "2.10.1",
"prettier-plugin-tailwindcss": "^0.4.0",
"react": "^18.2.0",
"react-dom": "^18.2.0",
"storybook": "^7.1.0",
"svelte": "4.0.5",
"svelte-check": "3.4.6",
"tailwindcss": "3.3.3",
"tslib": "2.6.0",
"typescript": "5.1.6",
"vite": "4.4.4",
"vitest": "0.33.0"
}, Let me know if this relates to this issue or if I need to open a new one with more information. Again, thanks for the effort and giving back to the community ❤️ |
@oscard0m I am getting the same error here, I think this happens because the types are now svelte 4 typings, which are incompatible with the svelte 3 typings in my project I think this needs a new PR, if we want to support both svelte 3 and 4 |
Thanks for the quick answer and for giving some light here @RSWilli!
I'm not sure what are the steps to follow:
|
I think @joelmukuthu is correct, that what you're seeing @oscard0m is #111.
@RSWilli I don't think the typings should be breaking, because we did the same changes in core without breaking anything. But if they indeed are, then we should revert this PR and release it as a major instead. |
First of all, great job 👏 @oscard0m, did you manage to make it work ? I've got the exact same error as you:
And here are my dependencies:
Thanks in advance, cheers ! |
@benpaquier the error you're seeing is #111, which comes from Storybook v7.1. I suggest you try pinning your Storybook dependencies to version (if using the canary version, it would be great if you could report on #113 if it works for you or not) |
Closes #109
The included storybook run fine for me locally.
I am not familiar with the build process with github actions, so feel free to edit anything.